The Multi-Tool Web Vulnerability Scanner.

Overview

GitHub issues GitHub issues GitHub forks GitHub stars GitHub license

🟥 RapidScan v1.2 - The Multi-Tool Web Vulnerability Scanner

RapidScan has been ported to Python3 i.e. v1.2. The Python2.7 codebase is available on v1.1 releases section. Download and use it if you still haven't upgraded to Python 3. Kindly note that the v1.1 (Python2.7) will not be enhanced further.

Evolution:

It is quite a fuss for a pentester to perform binge-tool-scanning (running security scanning tools one after the other) sans automation. Unless you are a pro at automating stuff, it is a herculean task to perform binge-scan for each and every engagement. The ultimate goal of this program is to solve this problem through automation; viz. running multiple scanning tools to discover vulnerabilities, effectively judge false-positives, collectively correlate results and saves precious time; all these under one roof.

Enter RapidScan.

Features

  • one-step installation.
  • executes a multitude of security scanning tools, does other custom coded checks and prints the results spontaneously.
  • some of the tools include nmap, dnsrecon, wafw00f, uniscan, sslyze, fierce, lbd, theharvester, amass, nikto etc executes under one entity.
  • saves a lot of time, indeed a lot time!.
  • checks for same vulnerabilities with multiple tools to help you zero-in on false positives effectively.
  • extremely light-weight and not process intensive.
  • legends to help you understand which tests may take longer time, so you can Ctrl+C to skip if needed.
  • association with OWASP Top 10 & CWE 25 on the list of vulnerabilities discovered. (under development)
  • critical, high, medium, low and informational classification of vulnerabilities.
  • vulnerability definitions guides you what the vulnerability actually is and the threat it can pose.
  • remediation tells you how to plug/fix the found vulnerability.
  • executive summary gives you an overall context of the scan performed with critical, high, low and informational issues discovered.
  • artificial intelligence to deploy tools automatically depending upon the issues found. for eg; automates the launch of wpscan and plecost tools when a wordpress installation is found. (under development)
  • detailed comprehensive report in a portable document format (*.pdf) with complete details of the scans and tools used. (under development)
  • on the run metasploit auxilliary modules to discover more vulnerabilities. (under development)

FYI:

  • program is still under development, works and currently supports 80 vulnerability tests.
  • parallel processing is not yet implemented, may be coded as more tests gets introduced.

Vulnerability Checks

  • ✔️ DNS/HTTP Load Balancers & Web Application Firewalls.
  • ✔️ Checks for Joomla, WordPress and Drupal
  • ✔️ SSL related Vulnerabilities (HEARTBLEED, FREAK, POODLE, CCS Injection, LOGJAM, OCSP Stapling).
  • ✔️ Commonly Opened Ports.
  • ✔️ DNS Zone Transfers using multiple tools (Fierce, DNSWalk, DNSRecon, DNSEnum).
  • ✔️ Sub-Domains Brute Forcing (DNSMap, amass, nikto)
  • ✔️ Open Directory/File Brute Forcing.
  • ✔️ Shallow XSS, SQLi and BSQLi Banners.
  • ✔️ Slow-Loris DoS Attack, LFI (Local File Inclusion), RFI (Remote File Inclusion) & RCE (Remote Code Execution).
  • & more coming up...

Requirements

  • Python 3
  • Kali OS (Preferred, as it is shipped with almost all the tools)
  • Tested with Parrot & Ubuntu Operating Systems.

Usage

python3 rapidscan.py example.com

RapidScan.-.Start.scanning.a.website.in.20.seconds.mp4

Docker Support

To run a scan for example.com the command below has to be run. After completion reports can be found in the current path under reports.

docker run -t --rm -v $(pwd)/reports:/reports kanolato/rapidscan example.com

Contribution

Comments
  • Update Dockerfile for python 3

    Update Dockerfile for python 3

    Thanks for the python 3 update.

    The docker file should be updated and tested as well, I haven’t tested whether it currently works, but it looks like python3 is not installed, so I think the Dockerfile is currently broken.

    opened by tristanlatr 6
  • unique output file names

    unique output file names

    stomping over the same file with all sorts of results... well... not even worth a pull request... but I added a few lines to disambiguate them - the main bit is:

    date = subprocess.Popen(["date", "+%Y-%m-%d.%s"],stdout=subprocess.PIPE).stdout.read()[:-1].decode("utf-8") debuglog = "rs.dbg.%s.%s" % (target, date) vulreport = "rs.vul.%s.%s" % (target, date)

    That will create files that look like "rs.vul.google.com.2022-01-03.1641255361" or w/e.

    I'd also advocate creating a vulnerability file even if nothing was found; e.g. change this:

    if len(rs_vul_list)==0: print("\t"+bcolors.OKGREEN+"No Vulnerabilities Detected."+bcolors.ENDC)

    To be a report.write(*) with the same text or w/e (not blank, since it could die in mid run and you wouldn't know if it really was zero vuls or not.) First time I ran it I wasn't sure if there was a bug or what, since no result file was created.

    YMMV, IMHO, etc.

    opened by zenfish 4
  • Broken Dockerfile

    Broken Dockerfile

    Hi, it looks like the docker image cannot be build with the latest kali distributions :/

    I'm unsure which python dependencies have docutils as a requirements, tho.

    Some packages could not be installed. This may mean that you have
    requested an impossible situation or if you are using the unstable
    distribution that some required packages have not yet been created
    or been moved out of Incoming.
    The following information may help to resolve the situation:
    
    The following packages have unmet dependencies:
     python-docutils : Depends: docutils-common (= 0.12+dfsg-1) but 0.16+dfsg-4 is to be installed
                       Recommends: python-pil but it is not going to be installed
                       Recommends: python-pygments but it is not going to be installed
                       Recommends: libpaper-utils but it is not going to be installed
                       Recommends: docutils-doc (= 0.12+dfsg-1) but it is not going to be installed
     python-requests : Depends: python-chardet but it is not installable
    E: Unable to correct problems, you have held broken packages.
    The command '/bin/sh -c apt-get install -y   python2.7   wget   dmitry   dnsrecon   wapiti   nmap   sslyze   dnsenum   wafw00f   golismero   dirb   host   lbd   xsser   dnsmap   dnswalk   fierce   davtest   whatweb   nikto   uniscan   whois   theharvester' returned a non-zero code: 100
    
    opened by tristanlatr 4
  • scanning tool unavailable even if it available

    scanning tool unavailable even if it available

    Screenshot_2019-08-24-01-33-54-96

    I have nikto dimtry sslyze dnsrecon and golismer and other tool the script rapid scan still tell me that tool unavailable above script and on scan progress??

    opened by ringawy 4
  • Fixes #22

    Fixes #22

    Hi @sh4nx0r ,

    This PR adds some changes such that the code is using argparse to parse the arguments.

    And it fixes #22 with argument --skip.

    Edit: we should read 22 on the commit message not 12...

    opened by tristanlatr 3
  • Possibility to disable some tools

    Possibility to disable some tools

    Hi,

    I've been running into issues with DMitry, the scan takes more than 48h, which is not acceptable.

    I was wondering if there is an option to disable a specific tool using the rapidscan docker container ?

    Thanks

    opened by tristanlatr 3
  • fierce unrecognized arguments: -dns

    fierce unrecognized arguments: -dns

    I got unrecognized -dns arguments error.

    Fierce Subdomains Bruter - Brute Forces Subdomain Discovery.

    usage: fierce [-h] [--domain DOMAIN] [--connect] [--wide] [--traverse TRAVERSE] [--search SEARCH [SEARCH ...]] [--range RANGE] [--delay DELAY] [--subdomains SUBDOMAINS [SUBDOMAINS ...] | --subdomain-file SUBDOMAIN_FILE] [--dns-servers DNS_SERVERS [DNS_SERVERS ...] | --dns-file DNS_FILE] [--tcp] fierce: error: unrecognized arguments: -dns example.com

    opened by ghost 3
  • Upgrading to Python 3

    Upgrading to Python 3

    Hello!

    I really liked your tool, you surely have put a lot of effort into this tool, and I see that the development is still under progress. Don't you think that it will be a better idea to shift this tool to Python 3 as this is the future. Python 2 is deprecating with the passage of time. If you're willing to make the transition, I can work with you, we can together make the proper changings to shift from Python 2 to Python 3. Waiting for your thoughts on it. Thanks

    opened by njmulsqb 3
  • Update tool not recognizing

    Update tool not recognizing

    Good day, I wanted to do push for your code cause harvester is not working on latest Kali because of the name. So here you go the code, you can review it and make push. Its not big modification but theharvester is now theHarvester, if you go with theharvester it will tell you bash command not found.

    line 216 ["theHarvester","The Harvester - Scans for emails using Google's passive search.","theHarvester",1], line 301 ["theHarvester -l 50 -b google -d ",""], line 665 ["wapiti"], ["whatweb"], ["nmap"], ["golismero"], ["host"], ["wget"], ["uniscan"], ["wafw00f"], ["dirb"], ["davtest"], ["theHarvester"], ["xsser"], ["dnsrecon"],["fierce"], ["dnswalk"], ["whois"], ["sslyze"], ["lbd"], ["golismero"], ["dnsenum"],["dmitry"], ["davtest"], ["nikto"], ["dnsmap"] line

    bug 
    opened by Bitt3r 3
  • UnicodeDecodeError: 'utf-8' codec can't decode byte 0xdd in position 1541: invalid continuation byte

    UnicodeDecodeError: 'utf-8' codec can't decode byte 0xdd in position 1541: invalid continuation byte

    Traceback (most recent call last): File "/Users/ayhan/Downloads/rapidscan-master/rapidscan.py", line 1514, in rs_tool_output_file = open(temp_file).read() File "/usr/local/Cellar/[email protected]/3.9.10/Frameworks/Python.framework/Versions/3.9/lib/python3.9/codecs.py", line 322, in decode (result, consumed) = self._buffer_decode(data, self.errors, final) UnicodeDecodeError: 'utf-8' codec can't decode byte 0xdd in position 1541: invalid continuation byte

    opened by ayhanbaris 2
  • borked dockerfile

    borked dockerfile

    MacOS 10.15.7 (Catalina)

    TLDR; run an apt-get before anything else... you either need to ignore keys altogether or use some alternate method to get the Kali pubkey (curl, wget, etc. aren't in the baseimage.) Alternate workaround after errors building:

    Sending build context to Docker daemon 3.565MB Step 1/10 : FROM kalilinux/kali-rolling ---> c2fadbc65f8d Step 2/10 : ENV DEBIAN_FRONTEND noninteractive ---> Using cache ---> fd58a73e4d8b Step 3/10 : RUN apt-get update && apt-get -yu dist-upgrade -y ---> Running in 73b26ccf950e Get:1 http://mirrors.ocf.berkeley.edu/kali kali-rolling InRelease [30.6 kB] Err:1 http://mirrors.ocf.berkeley.edu/kali kali-rolling InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY ED444FF07D8D0BF6 Reading package lists... W: http://http.kali.org/kali/dists/kali-rolling/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/debian-archive-bullseye-automatic.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: http://http.kali.org/kali/dists/kali-rolling/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/debian-archive-bullseye-security-automatic.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: http://http.kali.org/kali/dists/kali-rolling/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/debian-archive-bullseye-stable.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: http://http.kali.org/kali/dists/kali-rolling/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/debian-archive-buster-automatic.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: http://http.kali.org/kali/dists/kali-rolling/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/debian-archive-buster-security-automatic.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: http://http.kali.org/kali/dists/kali-rolling/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/debian-archive-buster-stable.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: http://http.kali.org/kali/dists/kali-rolling/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/debian-archive-stretch-automatic.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: http://http.kali.org/kali/dists/kali-rolling/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/debian-archive-stretch-security-automatic.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: http://http.kali.org/kali/dists/kali-rolling/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/debian-archive-stretch-stable.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: http://http.kali.org/kali/dists/kali-rolling/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/kali-archive-keyring.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: GPG error: http://mirrors.ocf.berkeley.edu/kali kali-rolling InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY ED444FF07D8D0BF6 E: The repository 'http://http.kali.org/kali kali-rolling InRelease' is not signed. The command '/bin/sh -c apt-get update && apt-get -yu dist-upgrade -y' returned a non-zero code: 100

    You can do the somewhat crazy :

    RUN apt -o Acquire::AllowInsecureRepositories=true -o Acquire::AllowDowngradeToInsecureRepositories=true update

    Or actually get the key somehow. If you do the above, three more changes were necessary to make the dockerfile work -

    1. add the "--allow-unauthenticated" to apt-get RUN line
    2. change python to python3 in the apt-get package listing.
    3. change the last line from: ENTRYPOINT ["/usr/local/bin/rapidscan.py"] -> ENTRYPOINT ["python3", "/usr/local/bin/rapidscan.py"]
    opened by zenfish 2
  • Nmap takes forever

    Nmap takes forever

    It seems that scans take quite long to complete or maybe there is some issue.

    I have run the scan and nmap was running for 2 hours before i killed it and Fierce subdomains bruter is the same story (haven't killed it yet).

    Is this normal? Shall I wait for more, or is there something wrong?

    opened by kleozzy 0
  • Have a --version flag

    Have a --version flag

    That would be nice to be able to check if we're running the latest version of rapidscan.

    I wouldn't trust the --update flag to update rapidsan, it's likely resulting in permission error.

    opened by tristanlatr 0
  • HTML reports missing

    HTML reports missing

    Hello,

    I've run rapidscan via docker and it seems like all report files are fine. The temp_uniscan_rfi file says:

    HTML report saved in: report/www.my-domain.com.html

    But there is no HTML document. Any ideas?

    opened by linslin 1
Releases(v1.1)
  • v1.1(Oct 23, 2021)

    The v1.1 is a fully-functional version of RapidScan suitable for domains or websites supporting Python 2.7. Python 3 is not supported.

    The upcoming version 1.2 will be supporting Python 3.

    This release is not optimized for scanning network devices like firewalls, routers, etc.

    The v2.0 will contain the Bug-Bounty module. The v3.0 which is still under development that supports scanning of both the websites and network devices.

    Source code(tar.gz)
    Source code(zip)
  • v1.0(Nov 7, 2018)

    The v1.0 is a fully-functional version of RapidScan suitable for domains or websites. This release is not optimized for scanning network devices like firewalls, routers, etc.

    The v2.0 which is still under development will be supporting both the websites and network devices.

    Source code(tar.gz)
    Source code(zip)
Owner
skavngr
My rants and ramblings on info-sec.
skavngr
PoC encrypted diary in Python 3

Encrypted diary Sample program to store confidential data. Provides encryption in the form of AES-256 with bcrypt KDF. Does not provide authentication

1 Dec 25, 2021
Binary check tool to identify command injection and format string vulnerabilities in blackbox binaries

Binary check tool to identify command injection and format string vulnerabilities in blackbox binaries. Using xrefs to commonly injected and format string'd files, it will scan binaries faster than F

Christopher Roberts 3 Nov 16, 2021
Zero-attacker is an multipurpose hacking tool with over 12 tools

Zero Attacker Zero Attacker is bunch of tools which we made for people.These all tools are for purpose of ethical hacking and discord tools. Who is th

Asjad 300 Dec 28, 2022
A secure password generator written in python

gruvbox-factory 🏭 "The main focus when developing gruvbox is to keep colors easily distinguishable, contrast enough and still pleasant for the eyes"

Paulo Pacitti 430 Dec 27, 2022
"Video Moment Retrieval from Text Queries via Single Frame Annotation" in SIGIR 2022.

ViGA: Video moment retrieval via Glance Annotation This is the official repository of the paper "Video Moment Retrieval from Text Queries via Single F

Ran Cui 38 Dec 31, 2022
Abusing Microsoft 365 OAuth Authorization Flow for Phishing Attack

O365DevicePhish Microsoft365_devicePhish Abusing Microsoft 365 OAuth Authorization Flow for Phishing Attack This is a simple proof-of-concept script t

Trewis [work] Scotch 4 Sep 23, 2022
MD5-CRACKER - A gmail brute force app created with python3

MD5-CRACKER So this is my first app i created with python3 . if you guys downloa

2 Nov 10, 2022
Tool ini berfungsi untuk membuat virus secara instan

vbug (ID) Tool ini berfungsi untuk membuat virus secara instan. Dengan begitu pengguna vbug maker dapat menggunakannya dengan mudah dan cepat. Di dala

OneTXz 3 Jun 05, 2022
Anti Supercookie - Confusing the ISP & Escaping the Supercookie

Confusing the ISP & Escaping the Supercookie

Baris Dincer 2 Nov 22, 2022
This is a simple Port Flooder written in Python 3.

This is a simple Port Flooder written in Python 3. Use this tool to quickly stress test your network devices and measure your router's or server's load.

Júlio Carneiro 4 Feb 20, 2022
Operational information regarding the vulnerability in the Log4j logging library.

Log4j Vulnerability (CVE-2021-44228) This repo contains operational information regarding the vulnerability in the Log4j logging library (CVE-2021-442

Nationaal Cyber Security Centrum (NCSC-NL) 1.9k Dec 26, 2022
A simple password generator using Python Tkinter.

Password-Generator-using-Python A simple password generator that generates password for you. User can Copy the password to Clipboard. Project made usi

Prashant Agheda 1 Nov 02, 2022
CVE-2021-40346 integer overflow enables http smuggling

CVE-2021-40346-POC CVE-2021-40346 integer overflow enables http smuggling Reference: https://jfrog.com/blog/critical-vulnerability-in-haproxy-cve-2021

donky16 34 Nov 15, 2022
MassStringer, CTF Flag Finder

massStringer MassStringer, CTF Flag Finder Usage: python3 massStringer.py Enter absolute path of the directory to scan for flags Edit "flag = re.searc

SuperTsumu 4 Sep 06, 2022
Keystroke logging, often referred to as keylogging or keyboard capturing

Keystroke logging, often referred to as keylogging or keyboard capturing, is the action of recording the keys struck on a keyboard, typically covertly, so that a person using the keyboard is unaware

Harsha G 2 Jan 11, 2022
A Python application to predict what is cooking

ez-cuisine-classifier A Python application to predict what is cooking Environment Python 3.9 Windows 10 Install python -m venv venv .\venv\Scripts\act

Zeheng Li 1 Jun 21, 2022
SEBUAH TOOLS TERMUX CRACK AKUN FF HOMKI AKUN EPEP DAH SATU FOLLOW AE YA BROO AWOKWOK

print " INSTALL TOOLS " $ pkg update && upgrade $ pkg install python2 $ pkg install git $ pip2 install lolcat $ pip2 install bs4 $ pip2 install reques

Jeeck 2 Nov 29, 2021
A bare-bones POC container runner in python

pybox A proof-of-concept bare-bones container written in 50 lines of python code. Provides namespace isolation and resource limit control Usage Insta

Anirudh Haritas Murali 5 Jun 03, 2021
威胁情报播报

Threat-Broadcast 威胁情报播报 运行环境 项目介绍 从以下公开的威胁情报来源爬取并整合最新信息: 360:https://cert.360.cn/warning 奇安信:https://ti.qianxin.com/advisory/ 红后:https://redqueen.tj-u

东方有鱼名为咸 148 Nov 09, 2022
Recon is a script to perform a full recon on a target with the main tools to search for vulnerabilities.

👑 Recon 👑 The step of recognizing a target in both Bug Bounties and Pentest can be very time-consuming. Thinking about it, I decided to create my ow

Dirso 171 Dec 31, 2022